CWE-59
Improper Link Resolution Before File Access ('Link Following')
Base · Draft · Likelihood: Medium
Description
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Related attack patterns (CAPEC)
CAPEC-132 · CAPEC-17 · CAPEC-35 · CAPEC-76
CVEs mapped to this weakness (624)
Page 29 of 32

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-2311 | | 0.00 | — | 0.03 | | Jul 1, 2008 | Launch Services in Apple Mac OS X before 10.5, when Open Safe Files is enabled, allows remote attackers to execute arbitrary code via a symlink attack, probably related to a race condition and automatic execution of a downloaded file. |
| CVE-2008-2389 | | 0.00 | — | 0.00 | | Jun 6, 2008 | opensuse-updater in openSUSE 10.2 allows local users to access arbitrary files via a symlink attack. |
| CVE-2007-5495 | | 0.00 | — | 0.00 | | May 23, 2008 | sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file. |
| CVE-2008-2266 | | 0.00 | — | 0.00 | | May 16, 2008 | uulib/uunconc.c in UUDeview 0.5.20, as used in nzbget before 0.3.0 and possibly other products, allows local users to overwrite arbitrary files via a symlink attack on a temporary filename generated by the tempnam function. NOTE: this may be a CVE-2004-2265 regression. |
| CVE-2008-1103 | | 0.00 | — | 0.00 | | Apr 28, 2008 | Multiple unspecified vulnerabilities in Blender have unknown impact and attack vectors, related to "temporary file issues." |
| CVE-2008-1694 | | 0.00 | — | 0.00 | | Apr 22, 2008 | vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. |
| CVE-2008-1901 | | 0.00 | — | 0.00 | | Apr 22, 2008 | aptlinex before 0.91 allows local users to overwrite arbitrary files via a symlink attack on the gambas-apt.lock temporary file. |
| CVE-2007-5664 | | 0.00 | — | 0.00 | | Apr 16, 2008 | db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. |
| CVE-2008-1832 | | 0.00 | — | 0.00 | | Apr 16, 2008 | lib/prefs.tcl in Cecilia 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the csvers temporary file. |
| CVE-2008-1684 | | 0.00 | — | 0.00 | | Apr 6, 2008 | inetd on Sun Solaris 10, when debug logging is enabled, allows local users to write to arbitrary files via a symlink attack on the /var/tmp/inetd.log temporary file. |
| CVE-2008-1569 | | 0.00 | — | 0.00 | | Mar 31, 2008 | policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket. |
| CVE-2008-1241 | | 0.00 | — | 0.04 | | Mar 27, 2008 | GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab. |
| CVE-2008-1417 | | 0.00 | — | 0.00 | | Mar 20, 2008 | The prerm script in axyl 2.1.7 allows local users to overwrite arbitrary files via a symlink attack on the axyl.conf temporary file. |
| CVE-2008-1199 | | 0.00 | — | 0.00 | | Mar 6, 2008 | Dovecot before 1.0.11, when configured to use mail_extra_groups to allow Dovecot to create dotlocks in /var/mail, might allow local users to read sensitive mail files for other users, or modify files or directories that are writable by group, via a symlink attack. |
| CVE-2008-0883 | | 0.00 | — | 0.00 | | Mar 6, 2008 | acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. |
| CVE-2008-0930 | | 0.00 | — | 0.00 | | Mar 4, 2008 | w_editeur.c in XWine 1.0.1 for Debian GNU/Linux allows local users to overwrite or print arbitrary files via a symlink attack on the temporaire temporary file. NOTE: some of these details are obtained from third party information. |
| CVE-2008-1078 | | 0.00 | — | 0.00 | | Feb 29, 2008 | expn in the am-utils and net-fs packages for Gentoo, rPath Linux, and other distributions, allows local users to overwrite arbitrary files via a symlink attack on the expn[PID] temporary file. NOTE: this is the same issue as CVE-2003-0308.1. |
| CVE-2008-0870 | | 0.00 | — | 0.00 | | Feb 21, 2008 | BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 2, under certain circumstances, can redirect a user from the https:// URI for the Portal Administration Console to an http URI, which allows remote attackers to sniff the session. |
| CVE-2008-0806 | | 0.00 | — | 0.00 | | Feb 19, 2008 | wyrd 1.4.3b allows local users to overwrite arbitrary files via a symlink attack on the wyrd-tmp.[USERID] temporary file. |
| CVE-2008-0732 | | 0.00 | — | 0.00 | | Feb 12, 2008 | The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories. |